I’d already read the stories you linked, and plenty others this morning. You know what caught my eye?

The fact that we have no indication why the FBI (or whoever) thought this writer was a Russian “troll”.

For all we know, she was using TOR or some other anonymizing system and exiting from a Russian IP address. Evidently, judging by the December report from the “Intelligence Community”, said “community” doesn’t even understand that just because somebody is using IP addresses associated withVPS, TOR exit nodes, proxies, and other non-descriptive internet traffic sites” in Russia doesn’t make them a Russian agent, or even a Russian.

In some locations in the CSV the indicators are IP addresses with a request to network administrators to look for it and in other locations there are IP addresses with just what country it was located in. This information is nearly useless for a few reasons. First, we do not know what data set these indicators belong to (see my previous point, are these IPs for “Sandworm”, “APT28” “Powershell” or what?). Second, many (30%+) of these IP addresses are mostly useless as they are VPS, TOR exit nodes, proxies, and other non-descriptive internet traffic sites (you can use this type of information but not in the way being positioned in the report and not well without additional information such as timestamps). Third, IP addresses as indicators especially when associated with malware or adversary campaigns must contain information around timing. I.e. when were these IP addresses associated with the malware or campaign and when were they in active usage? IP addresses and domains are constantly getting shuffled around the Internet and are mostly useful when seen in a snapshot of time. [my bold]

So basically, we have zero evidence that this person is even a Russian. Much less a Russian agent. She could be in the US, just as she claimed.

Fun fact: did you know that Sci-Hub is located in Russia? Next thing you know, maybe the “Intelligence Community” will be smearing every scientist who ever downloaded a paper from this vital (but illegal) resource as a Russian agent.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store